Filmed at http://2016.dotsecurity.io on April 22nd in Paris. More talks on http://thedotpost.com Even in an alternate universe in which the browser implements every standard perfectly, users aren't safe because the platform itself has holes like XSS and CSRF. Mike talks about some new features which allow developers to mitigate these platform-level risks by locking down their own applications. For the full transcript, please visit http://www.thedotpost.com/2016/05/mike-west-web-platform-security